Waqas Ali Khan (47247 | 28 Jun 08:15 2016
Picon

Re: RESPONSE_BODY in chain rule not working

Hi Chris

Thanks a lot for your response. So as per your suggestion to move the rule from phase 2 to phase 4, I changed the
rules as follows:

SecGeoLookupDb /etc/httpd/modsecurity.d/GeoCity.dat SecRule
 REQUEST_BODY "login:usrnam=(.+?)&"
"t:none,t:urlDecodeUni,chain,phase:4,capture,id:xxxxxxxx,sanitiseArg:login:pass,logdata:'Successful
login with username %{TX.1} from %{geo.city}, %{geo.country}'" 
SecRule RESPONSE_BODY " <at> contains Terms and Conditions" "chain"
SecRule REMOTE_ADDR " <at> geoLookup"

However, it didn't work. The debug log shows:

Recipe: Invoking rule 7f1796134348; [file "/etc/httpd/modsecurity.d/activated_rules/test.conf"]
[line "3"] [id "150000026"].
Rule 7f1796134348: SecRule "REQUEST_BODY" " <at> rx login:usrnam=(.+?)&"
"phase:4,log,auditlog,pass,t:none,t:urlDecodeUni,chain,capture,id:150000026,sanitiseArg:login:pass,logdata:'Login
with username %{TX.1} from %{geo.city}, %{geo.country_name}'"
[9] T (0) urlDecodeUni: "login=login&login:usrnam=test <at> test.com&login:pass=xxx
[4] Transformation completed in 27 usec.
Executing operator "rx" with param "login:usrnam=(.+?)&" against REQUEST_BODY.
[9] Target value: "login=login&login:usrnam=test <at> test.com&login:pass=xxx
[9] Added regex subexpression to TX.0: login:usrnam=test <at> test.com&
[9] Added regex subexpression to TX.1: test <at> test.com
[4] Operator completed in 33 usec.
[4] Rule returned 1.
[9] Match -> mode NEXT_RULE.
[4] Recipe: Invoking rule 7f1796136098; [file
"/etc/httpd/modsecurity.d/activated_rules/test.conf"] [line "5"].
(Continue reading)

Marco A. Carcano | 27 Jun 13:25 2016
Picon

Apache crashes with sigsev when using a chained rule with status page

Hi,

I start claiming that I’m a newbie with mod_security, so please forgive me if I made a stupid error, but
I’m facing this weird problem:

I have the following configuration of apache

<Location "/server-status">
    SetHandler server-status
    Require ip 127.0.0.1
</Location> 

What I want is to add an exception to the rule 960017 - "Host header is a numeric IP address” if the request
comes from the server itself and the request is "/server-status”

So I added the following rule:

SecRule REQUEST_URI "/server-status" "id:8,phase:1,t:none,nolog,pass,chain”
   SecRule REMOTE_ADDR " <at> ipMatch 127.0.0.1" "t:none,ctl:ruleRemoveTargetById=960017”

The problem is that when I try to access /server-status apache crashes with a sigsev. This is what I got in
Apache error log

Mon Jun 27 12:52:48.000750 2016] [core:notice] [pid 26173] AH00052: child pid 26174 exit signal
Segmentation fault (11)
[Mon Jun 27 12:52:48.000823 2016] [core:notice] [pid 26173] AH00052: child pid 26175 exit signal
Segmentation fault (11)
[Mon Jun 27 12:52:48.000833 2016] [core:notice] [pid 26173] AH00052: child pid 26176 exit signal
Segmentation fault (11)
[Mon Jun 27 12:52:48.000858 2016] [core:notice] [pid 26173] AH00052: child pid 26177 exit signal
(Continue reading)

Waqas Ali Khan (47247 | 27 Jun 09:28 2016
Picon

RESPONSE_BODY in chain rule not working

We have an application which upon successful logins generate two HTTP 302 status messages and then
transfer to the terms and conditions page. I want to detect the terms and conditions page in order to
determine if the login is successful or not. I have configured the following rule:

SecGeoLookupDb /etc/httpd/modsecurity.d/GeoCity.dat
SecRule REQUEST_BODY "login:usrnam=(.+?)&"
"t:none,t:urlDecodeUni,chain,phase:2,capture,id:xxxxxxxx,sanitiseArg:login:pass,logdata:'Successful
login with username %{TX.1} from %{geo.city}, %{geo.country}'"
SecRule RESPONSE_BODY " <at> contains Terms and Conditions" "chain"
SecRule REMOTE_ADDR " <at> geoLookup"

But it is not working. However, if a single rule for response body is configured:

SecRule RESPONSE_BODY " <at> contains Terms and Conditions" "phase:4,id:xxxxxx,msg:'Terms and
conditions page detected'"

It is working fine. Can someone provide a hint what is the problem with the first chain rule? Mod Security has
been configured on the reverse proxy which communicates to the back end application. Also the
application maintains the session through session variable and no authentication cookie is
transferred to the client.

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
(Continue reading)

Shahin Ansari | 24 Jun 22:06 2016
Picon
Picon

Amount of time for Git Fork fetching the latest commit

Greetings-

I am trying to join and help out so any information in addition to what is under the Developers tab is greatly appreciated. How long does it take for Git to fetch the latest commits for this project please?

Sean

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Stefan Mayr | 23 Jun 22:21 2016
Picon

Work around Multipart parsing error

Hi,

we only use mod_security (2.7.x for apache provided with SuSE distro) to 
scan file uploads for malicous files with inspectFile like it is 
described in [1].

Now we found out that we fail to do so in some cases. The reason is that 
some HTTP clients insert a charset option in the initial Content-Type 
header (Apache httpclient, automated scripts hitting our servers). This 
leads to the error message "Multipart parsing error (init): Multipart: 
Invalid boundary in C-T" and inspectFile is not triggered. Some more 
google search brought up GitHub issues #193 and #480.

I would say charset is optional and this type of header is valid as long 
as the required boundry parameter is the last in line. But I don't want 
to argue if this is right or wrong. There are clients that send this 
header and we can't change their behaviour. As the rest of the multipart 
upload is fine - any ideas for workarounds to make inspectFile work?

Is there a chance to rewrite the header mod_security processes?
Something like a RegEx s/multipart\/form-data; .+ 
boundary=/multipart\/form-data; boundary=/

Any ideas welcome.

Thank you,

   Stefan Mayr

[1] 
http://blog.modsecurity.org/2010/10/advanced-topic-of-the-week-preventing-malicious-pdf-file-uploads.html
[2] https://github.com/SpiderLabs/ModSecurity/issues/193
[3] https://github.com/SpiderLabs/ModSecurity/issues/480

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

Gyana Ranjan Panigrahi | 23 Jun 13:23 2016
Picon

Re: Issue facing while configuring SSLinModsecurity

Your understanding is absolutely correct.But when i am trying to access the same locally it works perfectly fine.
But when i am trying to access outside of the box where tomcat and apache is configured it was unabe to launch my application.
But the same configuration works perfectly fine without SSL. Do i need to configured some extra parameter to work with SSL in the virtual-host?


Thanks Gyana

On Thu, Jun 23, 2016 at 4:11 PM, Christian Folini <christian.folini <at> netnea.com> wrote:
This message is eligible for Automatic Cleanup! (christian.folini <at> netnea.com) Add cleanup rule | More info

Gyana,

Am I getting you right:

- You connect via an Apache/ModSec RP to your tomcat server
- Connection basically works BUT
  - ModSec throws an error with regards to SecDataDir
  - Tomcat throws a java stack trace

I might be might be mistaken, but outside of the non-lethal
ModSec error, your Apache setup works and ModSec lets you
access Tomcat. Tomcat has a serious problem, though.

Usually, this is not related to the setup behind an Apache RP,
but you are connection to Apache via https and then to Tomcat
via http. So at least theoretically, this might be the reason
for the hiccup.

But whatever, the reason, this is the wrong place for Java/Tomcat
problems. Not because we do not want to help you, but because we
lack the expertise.

All things considered, if you see a backend error message when
you connect via an Apache RP, then the Apache RP basically works.

Good luck!

Christian



On Thu, Jun 23, 2016 at 03:45:22PM +0530, Gyana Ranjan Panigrahi wrote:
>  Christian,
>
> Yes i defined the SecDataDir.Still i am getting the same issue.
>
> *Any clues for the same or do i need some more configuration which are
> required to work with SSL.*
>
>
> *Thanks n Regards*
> *Gyana*
>
> On Thu, Jun 23, 2016 at 3:09 PM, Christian Folini <
> christian.folini <at> netnea.com> wrote:
>
> > [image: Boxbe] <https://www.boxbe.com/overview> This message is eligible
> > for Automatic Cleanup! (christian.folini <at> netnea.com) Add cleanup rule
> > <https://www.boxbe.com/popup?url=https%3A%2F%2Fwww.boxbe.com%2Fcleanup%3Fkey%3DXZdlRQogkqffVZVL1OkoYdEu0b2oFOrdXTpyoMMbrDQ%253D%26token%3DuXiz8r6hlAszUzBoQzdkTZ4hBk8TOd0txK3ZBAqyVnI0%252FMQN6A035Uh3G2p%252FolMry2n%252FuC2ag8qhbl2DnXRRIXdyHTy9TfL8RUx4GZntBhA4BzbqKkV4cRnfi1FDAGRacTMNZDWWtGvQ0dceA5hKaA%253D%253D&tc_serial=25864209944&tc_rand=454500691&utm_source=stf&utm_medium=email&utm_campaign=ANNO_CLEANUP_ADD&utm_content=001>
> > | More info
> > <http://blog.boxbe.com/general/boxbe-automatic-cleanup?tc_serial=25864209944&tc_rand=454500691&utm_source=stf&utm_medium=email&utm_campaign=ANNO_CLEANUP_ADD&utm_content=001>
> >
> > Gyana,
> >
> > On Wed, Jun 22, 2016 at 08:45:42PM +0530, Gyana Ranjan Panigrahi wrote:
> > > ...
> > > error mesage in the error.log file  which
> > > says *ModSecurity:
> > > collection_retrieve_ex: Unable to retrieve collection (name "ip", key
> > > "10.134.13.194_ab775803b8ef89f18d921d5e20910c1a29cead08"). Use SecDataDir
> > > to define data directory first. [hostname "pangy01-w2k8vm2"].*
> >
> > So, did you "Use SecDataDir to define data directory first"?
> > Because that seems to be the advice the error message is giving you.
> >
> > To add a bit of background:
> >
> > SecDataDir has to be defined, so ModSecurity can store its persistent
> > data.
> >
> > The ModSecurity packages is distributed with a file named
> > modsecurity.conf-recommended
> >
> > In this file, SecDataDir is defined as
> > SecDataDir /tmp/
> >
> > /tmp is probably not the best location, but it's definitely functional
> > and enough to get rid of your problem.
> >
> > It is also worth noting, that SecDataDir does not have a default value.
> > So either you define it, or your installation is broken. Hence the
> > error message above.
> >
> > Best,
> >
> > Christian
> >
> > --
> > ModSecurity Training in London: Sep 22/23, 2016
> > https://www.feistyduck.com/training/modsecurity-training-course
> > mailto:christian.folini <at> netnea.com
> > twitter: <at> ChrFolini
> >
> >
> > ------------------------------------------------------------------------------
> > Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> > Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> > present their vision of the future. This family event has something for
> > everyone, including kids. Get more information and register today.
> > http://sdm.link/attshape
> > _______________________________________________
> > mod-security-users mailing list
> > mod-security-users <at> lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/mod-security-users
> > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> > http://www.modsecurity.org/projects/commercial/rules/
> > http://www.modsecurity.org/projects/commercial/support/
> >
> >
>
>
> --
>
> *Best & RegardsGyana Ranjan Panigrahi*

> ------------------------------------------------------------------------------
> Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape

> _______________________________________________
> mod-security-users mailing list
> mod-security-users <at> lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mod-security-users
> Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
> http://www.modsecurity.org/projects/commercial/rules/
> http://www.modsecurity.org/projects/commercial/support/


--
ModSecurity Training in London: Sep 22/23, 2016
https://www.feistyduck.com/training/modsecurity-training-course
mailto:christian.folini <at> netnea.com
twitter: <at> ChrFolini

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/




--
Best & Regards
Gyana Ranjan Panigrahi











------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Gyana Ranjan Panigrahi | 23 Jun 12:15 2016
Picon

Re: Issue facing while configuring SSL inModsecurity

 Christian,

Yes i defined the SecDataDir.Still i am getting the same issue.

Any clues for the same or do i need some more configuration which are required to work with SSL.


Thanks n Regards
Gyana

On Thu, Jun 23, 2016 at 3:09 PM, Christian Folini <christian.folini <at> netnea.com> wrote:
This message is eligible for Automatic Cleanup! (christian.folini <at> netnea.com) Add cleanup rule | More info

Gyana,

On Wed, Jun 22, 2016 at 08:45:42PM +0530, Gyana Ranjan Panigrahi wrote:
> ...
> error mesage in the error.log file  which
> says *ModSecurity:
> collection_retrieve_ex: Unable to retrieve collection (name "ip", key
> "10.134.13.194_ab775803b8ef89f18d921d5e20910c1a29cead08"). Use SecDataDir
> to define data directory first. [hostname "pangy01-w2k8vm2"].*

So, did you "Use SecDataDir to define data directory first"?
Because that seems to be the advice the error message is giving you.

To add a bit of background:

SecDataDir has to be defined, so ModSecurity can store its persistent
data.

The ModSecurity packages is distributed with a file named
modsecurity.conf-recommended

In this file, SecDataDir is defined as
SecDataDir /tmp/

/tmp is probably not the best location, but it's definitely functional
and enough to get rid of your problem.

It is also worth noting, that SecDataDir does not have a default value.
So either you define it, or your installation is broken. Hence the
error message above.

Best,

Christian

--
ModSecurity Training in London: Sep 22/23, 2016
https://www.feistyduck.com/training/modsecurity-training-course
mailto:christian.folini <at> netnea.com
twitter: <at> ChrFolini

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/




--
Best & Regards
Gyana Ranjan Panigrahi











------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Gyana Ranjan Panigrahi | 22 Jun 17:15 2016
Picon

Issue facing while configuring SSL in Modsecurity

Team,
I am facing issues while configuring SSL using Mod_proxy.
Below is my configuration which I made to work with SSL.8086 is the tomcat port which i configured and the server.xml file in the tomcat server i blocked the tomcat port to access outside by adding the context (address="127.0.0.1").
when i tried to launch the url https://pangy01-w2k8vm1:443/spectrum it couldnt able to launch my application and throws the error mesage in the error.log file  which says ModSecurity: collection_retrieve_ex: Unable to retrieve collection (name "ip", key "10.134.13.194_ab775803b8ef89f18d921d5e20910c1a29cead08"). Use SecDataDir to define data directory first. [hostname "pangy01-w2k8vm2"].

Listen 443
<VirtualHost *:443>
    SSLEngine On
    ProxyPreserveHost On

ProxyPass /spectrum http://localhost:8086/spectrum
        ProxyPassReverse /spectrum http://localhost:8086/spectrum
ServerName pangy01-w2k8vm2
</VirtualHost>


The above configurations worked perfectly fine for Non-SSL mode.
Can anyone please help me on the same if i am missing some configurations which is required to make it work with SSL?

--
Best & Regards
Gyana Ranjan Panigrahi











------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Chris Proudlock | 21 Jun 13:20 2016

Logged in

Hi!

 

I’ve only just scratched the surface of MODSECURITY but I love it.

Wondering if anyone could provide some advice or pointers on where to look.

 

I currently have an web application, not the best but most of the transactions trigger a ton of SQL injection signatures due to bad sanitization.

 

Is there any way to disable rules based on if a user is logged in? other than applying rules only to the login page and letting everything else pass.

 

Not the best solution but I can only work with what I have J

 

Cheers,

C

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Christian Folini | 21 Jun 13:31 2016

ModSec course in London

Dear all,

There are very few offerings for ModSecurity courses and as far as
I can see, there is not regular course in Europe.

Feisty Duck / Ivan Ristić would like to establish such an offering and
they have asked me to join their team of trainers and provide a two day
ModSecurity course (Ivan is running a TLS course and Scott Helme will
teach CSP via Feisty Duck).

The course is going to be on September 22/23 in London.
https://www.feistyduck.com/training/modsecurity-training-course

I have also written a blog post about the course at
https://www.netnea.com/cms/2016/06/20/more-about-the-modsecurity-course-in-london/

It's obvious, this is an great opportunity for me. But beyond myself,
it is also an interesting test case for ModSecurity: Does ModSecurity
have the traction to allow for such a regular offering?

So I really want this to succeed. And I want to give the ModSecurity
community a place in the first row:
So we created a coupon code MODSECML to give you privileged access. 
It will allow 5 people to attend with a 200£ discount. This combined 
with the early bird discount will bring you the course for 1095£ 
(about 1400 Euros).

The course is also a place to meet and talk about ModSecurity. The
program I developed has enough air to respond to questions and discuss
them in the group. I think this is HUGE as most people running
ModSecurity are very much on their own in their day jobs. So the course
is also an opportunity to talk with other ModSec admins. Personally,
this is what makes teaching so interesting.

Ahoj,

Christian

P.S. Recently, I presented the upcoming ModSecurity Core Rules
release and the new Paranoia mode at the Area41 conference in Zurich.
Here are my slides:
  http://www.slideshare.net/ChristianFolini/owasp-modsecurity-core-rules-paranoia-mode
The interesting slide is the slide #21 which brings false positives
rates for the core rules 2.2.9 and core rules 3.0.0dev: The 3.0.0
default install has extremely few false positives when compared to
2.2.9.

-- 
ModSecurity Training in London: Sep 22/23, 2016
https://www.feistyduck.com/training/modsecurity-training-course
mailto:christian.folini <at> netnea.com
twitter:  <at> ChrFolini

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
Picon
Picon

it's never too late

Hello,

 

It's never too late to read some interesting info here http://frabengushi.searchdmvhomes.com/aenhss

 

Squirrelmail Plugins Mailing List

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/

Gmane